The purpose of password encoding is to deter casual observation of passwords in server configuration and property files. Use the PropFilePasswordEncoder utility to encode passwords stored in properties files. WebSphere® Application Server does not provide a utility for decoding the passwords. Encoding is not sufficient to fully protect passwords. Native security is the primary mechanism for protecting passwords used in WebSphere Application Server configuration and property files.
File name | Additional information | Navigation |
---|---|---|
profile_root/config/cells/cell_name/security.xml |
The following fields contain encoded
passwords:
|
security > Global security > Apply. |
profile_root/config/cells/cell_name /security.xml |
The following fields contain encoded
passwords:
|
security > Global security > Apply. |
war/WEB-INF/ibm_web_bnd.xml |
Specifies the passwords for the default basic authentication for the resource-ref bindings within all the descriptors, except in the Java cryptography architecture | |
ejb jar/META-INF/ibm_ejbjar_bnd.xml |
Specifies the passwords for the default basic authentication for the resource-ref bindings within all the descriptors, except in the Java cryptography architecture | |
client jar/META-INF/ibm-appclient_bnd.xml |
Specifies the passwords for the default basic authentication for the resource-ref bindings within all the descriptors, except in the Java cryptography architecture | |
ear/META-INF/ibm_application_bnd.xml |
Specifies the passwords for the default basic authentication for the run as bindings within all the descriptors | |
profile_root/config/cells/cell_name /nodes/node_name/servers/ server_name/security.xml |
The following fields
contain encoded passwords:
|
|
profile_root/config/cells/cell_name /nodes/node_name/servers/security.xml |
The following fields contain encoded
passwords:
|
|
profile_root/config/cells/cell_name /nodes/node_name/servers/ server_name/resources.xml |
The following fields
contain encoded passwords:
|
|
profile_root/config/cells/cell_name /nodes/node_name/servers/server1/resources.xml |
The following fields
contain encoded passwords:
|
|
profile_root/config/cells/cell_name/ws-security.xml |
servers > server types > websphere application servers > serverName >JAX-WS and JAX-RPC security runtime > Apply. | |
profile_root/config/cells/cell_name /ws-security.xml |
servers > server types > websphere application servers > serverName >JAX-WS and JAX-RPC security runtime > Apply. | |
ibm-webservices-bnd.xmi |
This
is a deployment descriptor included with JAX-RPC provider applications.
The following fields contain encoded passwords:
|
Applications > Enterprise Applications > application name > Manage Modules > module name > Web services: Server security binding (under Web Services Security Properties on the right hand side) > Edit custom. |
ibm-webservicesclient-bnd.xmi |
This
is a deployment descriptor included with JAX-RPC client applications.
The following fields contain encoded passwords:
|
Applications > Enterprise Applications > application name > Manage Modules > module name > Web services: Client security binding (under Web Services Security Properties on the right hand side) > Edit custom. |
profile_root/config/cells/cell_name/PolicyTyper/WSSecurity/bindings.xml |
The following fields
contain encoded passwords:
|
Services > Policy Sets > Default policy set bindings > Version 6.1 default policy set bindings > WS-Security > Custom properties > Apply. |
profile_root/config/cells/cell_name/nodes/node_name/servers/server_name/server.xml |
The following fields
contain encoded passwords:
|
servers > server
types > websphere application servers > serverName > session
management > distributed environment > database > OK. Note: If
you are not using a database, choose: none.
|
profile_root/config/cells/cell_name/applications/(appName/.../WSSecurity/bindings.xml |
WSSecurity/bindings.xml is a JAX-WS WS-Security policy binding file. When it is located in the cell_name/applications path, it is part of an application specific binding. The following fields contain encoded passwords:
|
Services > service providers or > service clients > resourceName > bindingName > WS-Security > Custom properties > Apply. |
profile_root/config/cells/cell_name/
|
The following fields
contain encoded passwords:
|
Services > Policy Sets > General provider policy set bindings > bindingName > WS-Security > Custom properties > Apply. |
profile_root/config/cells/cell_name/sts
|
The following fields
contain encoded passwords:
|
services > trust service attachments > bindingName > WS-Security > Custom properties > Apply. |
File name | Additional information |
---|---|
profile_root /properties/sas.client.props |
Specifies the passwords for the
following files:
|
profile_root/properties/sas.client.props |
Specifies the passwords for the
following files:
|
profile_root /properties/sas.tools.properties |
Specifies passwords
for:
|
profile_root/properties/sas.tools.properties |
Specifies passwords
for:
|
profile_root /properties/sas.stdclient.properties |
Specifies passwords
for:
|
profile_root/properties/sas.stdclient.properties |
Specifies passwords
for:
|
profile_root /properties/wsserver.key |
|
profile_root/properties/wsserver.key |
|
profile_root/profiles/AppSrvXX/properties/sib.client.ssl.properties |
Specifies passwords for:
|
profile_root/UDDIReg/scripts/UDDIUtilityTools.properties |
Specifies passwords for:
|
profile_root/config/cells/cell_name/sts/SAMLIssuerConfig.properties |
The following fields contain
encoded passwords:
|
PropFilePasswordEncoder C:\WASV8\WebSphere\AppServer\profiles\AppSrv\properties \sas.client.props com.ibm.ssl.keyStorePassword,com.ibm.ssl.trustStorePassword
where:
PropFilePasswordEncoder is the name of the utility that you are running from the profile_root/profiles/profile_name/bin directory.
C:\WASV6\WebSphere\AppServer\profiles\AppSrv\properties\sas.client.props is the name of the file that contains the passwords to encode.
com.ibm.ssl.keyStorePassword is a password to encode in the file.
com.ibm.ssl.trustStorePassword is a second password to encode in the file.
In this information ...Subtopics
| IBM Redbooks, demos, education, and more(Index) |